Test ID:	1.3.6.1.4.1.25623.1.0.803940
Category:	Web application abuses
Title:	OTRS Object Link Restriction Bypass Vulnerability (OSA-2013-01)
Summary:	OTRS (Open Ticket Request System) is prone to a restriction; bypass vulnerability.
Description:	Summary: OTRS (Open Ticket Request System) is prone to a restriction bypass vulnerability. Vulnerability Insight: An error exists in object linking mechanism which fails check for access restrictions. Vulnerability Impact: Successful exploitation will allow remote authenticated attacker to view objects, ticket titles, or edit links to objects. Affected Software/OS: OTRS versions 3.0.x prior to 3.0.19, 3.1.x prior to 3.1.14 and 3.2.x prior to 3.2.4. Solution: Update to version 3.0.19, 3.1.14, 3.2.4 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2625 http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html http://www.securityfocus.com/bid/58936 https://exchange.xforce.ibmcloud.com/vulnerabilities/83287 https://security-tracker.debian.org/tracker/CVE-2013-2625
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.